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Amendments to the Claims: 

This listing of claims will replace all prior versions, and listings of claims in the application: 
Listing of Claims: 

1 . (Currently Amended) A computer-implemented method for using 
workflows, the method comprising the steps of : 

associating workflows with one or more domains groups in an identity system, 
each domain comprising one or more entities; each group including one or more users of the 
identity system; 

receiving a request to perform a task that pertains to affects at least one target 
identity profile ef associated with an entity in said identity system; and 

determining from said one or more domains, a domain that includes said entity 
with which said at least one identity profile is associated; 

determining a set of workflows associated with said domain and capable of 
performing said task; 

outputting said set of workflows to a user; 

receiving from said user a selection of a first workflow from said set of 
workflows; and 

performing [[a]] said first workflow for said task; , said first workflow is 
associated with a first group that includes the target identity profile; 
wherein: 

said request includes an identification of said target at least one identity profile.^ 
said stop of performing includes the stops of identifying a plurality of workflows 
that perform said task and are associated with groups that include said target identity profile, said 
plurality of workflows includes said first workflow, reporting said plurality of workflows to a 
user via a Graphical Usor Intcrfaco (GUI), rccoiving from the usor via the GUI a solcction of said 
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first workflow from the plurality of workflows, and performing one or more stops of said first 
workflow; 

said first workflow comprises a predefined set of steps that perform said task to 
modify one or more attributes of the target identity profile, said predefined set of steps 
comprising a first step and a second step; 

said first stop is performed by a first program; 

said second step is performed by a second program; 

information is passed between said first program and said second program 
according to a dofinod sot of rulos; and 

at loast ono of tho first program and tho second program is oxtornal to tho 

workflow. 

2. (Currently Amended) A method according to claim 1, wherein: 

said step of associating includes associating said first workflow with said first 
group domain , said step of associating said first workflow includes choosing a first entry in [[a]] 
said data structure, said data structure is a hierarchical data structure of entities in [[the]] said 
identity system, said first domain includes said first entry and entries below said first entry. 

3. -4. (Canceled) 

5. (Currently Amended) A method according to claim 1, wherein: 
said request is a request to delete said target at least one identity profile. 

6. (Currently Amended) A method according to claim 1, wherein: 
said request is a request to modify said target at least one identity profile. 

7-8. (Canceled) 

9. (Original) A method according to claim 1, wherein: 
said steps of associating, receiving and performing are performed by an integrated 
identity and access system. 
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10. (Original) A method according to claim 1, wherein: 
said request is for self-registration. 

1 1 . (Original) A method according to claim 1 , wherein: 
said request is from a parent workflow; and 

said first workflow is a sub-workflow to said parent workflow. 

12. (Canceled) 

13. (Previously Presented) A method according to claim 2, wherein: 
said hierarchical data structure includes an LDAP directory. 

14. (Currently Amended) One or more processor readable storage devices 
storing plurality of instructions causing a processor to use workflows for performing tasks, said 
plurality of instructions comprising code for: having processor readable code embodied on said 
processor readable storage devices, said processor readable code for programming one or more 
processors to perform a method comprising the steps of: 

associating workflows with one or more domains groups in an identity system, 
each domain comprising one or more entities; each group including one or more users of the 
identity system; 

receiving a request to perform a task that pertains to affects at least one target 
identity profile ef associated with an entity in said identity system; and 

determining from said one or more domains, a domain that includes said entity 
with which said at least one identity profile is associated; 

determining a set of workflows associated with said domain and capable of 
performing said task; 

outputting said set of workflows to a user; 

receiving from said user a selection of a first workflow from said set of 
workflows; and 
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performing [[a]] said first workflow for said task; , said first workflow is 
associated with a first group that includes tho target identity profile; 
wherein: 

said request includes an identification of said target at least one identity profile.^ 
said step of performing includes the steps of identifying a plurality of workflows 
that perform said task and are associated with groups that include said target identity profile, said 
plurality of workflows includes said first workflow, reporting said plurality of workflows to a 
user via a Graphical User Interface (GUI), receiving from the user via the GUI a selection of said 
first workflow from the plurality of workflows, and performing one or more steps of said first 
workflow; 

said first workflow comprises a predefined set of steps that perform said task to 
modify one or more attributes of the target identity profile, said predefined set of steps 
comprising a first step and a second step; 

said first stop is performed by a first program; 

said second step is performed by a second program; 

information is passed between said first program and said second program 
according to a defined set of rules; and 

at least one of the first program and the second program is external to the 

workflow. 

15. (Currently Amended) One or more processor readable storage devices 
according to claim 14, wherein: 

said step of associating includes associating said first workflow with said first 
group domain , said step of associating said first workflow includes choosing a first entry in [[a]] 
said data structure, said data structure is a hierarchical data structure of entities in [[the]] said 
identity system, said first domain includes said first entry and entries below said first entry. 

16-19. (Canceled) 
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20. (Original) One or more processor readable storage devices according to 
claim 14, wherein: 

said steps of associating, receiving and performing are performed by an integrated 
identity and access system. 

21 . (Original) One or more processor readable storage devices according to 
claim 14, wherein: 

said request is from a parent workflow; and 

said first workflow is a sub-workflow to said parent workflow. 

22. (Canceled) 

23. (Previously Presented) One or more processor readable storage devices 
according to claim 15, wherein: 

said hierarchical data structure includes an LDAP directory. 

24. (Currently Amended) An apparatus that uses workflows, comprising: 
a communication interface; 

one or more processor processors in communication with said communication 
interface, said one or more processors perform a method comprising the steps of: 

associating workflows with one or more domains groups in an identity system, 
each domain comprising one or more entities; each group including one or more users of the 
identity system; 

receiving a request to perform a task that pertains to affects at least one target 
identity profile ef associated with an entity in said identity system; and 

determining from said one or more domains, a domain that includes said entity 
with which said at least one identity profile is associated; 

determining a set of workflows associated with said domain and capable of 
performing said task; 

outputting said set of workflows to a user; 
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receiving from said user a selection of a first workflow from said set of 
workflows; and 

performing [[a]] said first workflow for said task; , said first workflow is 
associated with a first group that includes the target identity profile; 
wherein: 

said request includes an identification of said target at least one identity profile.-; 

said step of performing includes the steps of identifying a plurality of workflows 
that perform said task and are associated with groups that include said target identity profile, said 
plurality of workflows includes said first workflow, reporting said plurality of workflows to a 
user via a Graphical User Interface (GUI), receiving from the user via the GUI a selection of said 
first workflow from the plurality of workflows, and performing one or more steps of said first 
workflow; 

said first workflow comprises a predefined set of steps that perform said task to 
modify one or more attributes of the target identity profile, said predefined sot of stops 
comprising a first step and a second step; 

said first step is performed by a first program; 

said second stop is performed by a second program; 

information is passed botweon said first program and said second program 
according to a defined sot of rules; and 

at least one of the first program and the second program is external to the 

workflow. 

25. (Currently Amended) An apparatus according to claim 24, wherein: 
said step of associating includes associating said first workflow with said fffst 
group domain , said step of associating said first workflow includes choosing a first entry in a 
data structure, said data structure is a hierarchical data structure of entities in the identity system, 
said first domain includes said first entry and entries below said first entry. 

26-29. (Canceled) 
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30. (Original) An apparatus according to claim 24, wherein: 

said one or more processors are part of an integrated identity and access system. 

3 1 . (Original) An apparatus according to claim 24, wherein: 
said request is from a parent workflow; and 

said first workflow is a sub-workflow to said parent workflow. 

32. (Canceled) 

33. (Previously Presented) An apparatus according to claim 25, wherein: 
said hierarchical data structure includes an LDAP directory. 

34. (Currently Amended) A method according to claim 1, wherein said task 
comprises managing said target at least one identity profile. 

35. (Currently Amended) A method according to claim 34, wherein managing 
said at least one identity profile comprises one or more tasks selected from the group consisting 
ef: creating a user, deleting a user, changing a user attribute, creating a group, deleting a group, 
and changing a group attribute. 

36. (Currently Amended) A method according to claim 34, wherein managing 
said at least one identity profile comprises managing a certificate associated with said at least 
one identity profile. 

37. - 40. (Canceled) 

41 . (Currently Amended) The method of claim [[39]] 1, wherein said first 
workflow comprises a predefined set of steps and performing one or more steps of the said first 
workflow to modify affects said at least one identity profile by modifying one or more attributes 
of the target said at least one identity profile includes said modifying including deleting the 
target said at least one identity profile. 

42. -43. (Canceled). 
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44. (Currently Amended) The method of claim [[39]] 41, wherein said 
predefined set of steps comprising a first step and a second step; 

said first step is performed by a first program; 

said second step is performed by a second program; 

information is passed between said first program and said second program 
according to a defined set of rules; at least one of said first program and said second program is 
external to the workflow and wherein said second program performs a second workflow to 
modify one or more attributes of the target at least one identity profile. 

45. (Currently Amended) The method of claim [[39]] 44, wherein the said 
second program is identified in an event catalog of the said first workflow. 

46. (Previously Presented) The method of claim 45, wherein the event catalog 
further identifies one or more parameters for passing information between the first program and 
the second program. 

47. (Currently Amended) The method of claim 1, wherein identifying the 
plurality said set of workflows that perform the said task and are associated with the groups said 
domain that include the target includes said entity with which said at least one identity profile is 
associated, further comprises identifying workflows of the plurality said set of workflows for 
which a user issuing the said request to perform the said task is authorized. 

48. (Currently Amended) The method of claim 47, wherein the groups said at 
least one identity profile is a static member of a group, that include the target identity profile 
include one or more groups to which the target identity profile is a static member. 

49. (Currently Amended) The method of claim 48, wherein the target said at 
least one identity profile is identified as a static member of the said one or more groups group 
based on a group identity profile for each of the one or more groups said group . 
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50. (Currently Amended) The method of claim [[49]] 47, wherein said at least 
one identity profile is a dynamic member of a group, the groups that include the target identity 
profile include one or more groups to which the target identity profile is a dynamic member. 

51. (Currently Amended) The method of claim 50, wherein the target said at 
least one identity profile is identified as a dynamic member of the one or more groups said group 
based on application of a rule defined by the a group identity profile for each of the one or more 
groups said group. 

52. (Currently Amended) The method of claim [[51]] 47, wherein said at least 
one identity profile is a nested member of a group, the groups that include the target identity 
profile include one or more groups to which the target identity profile is a nested member. 

53. (Canceled). 
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